Automated spam filter updating by tracking user navigation

1. A method to manage an email filter associated with a client computing machine, the method comprising: collecting information as a user navigates to and interacts with external websites; applying one or more rule-based criteria to the collected information to determine a characterization to be applied to an initiator of an email message, the characterization being that the initiator is trusted; providing the characterization to the email filter to facilitate an email filter operation with respect to a subsequent email message received from the initiator; and dynamically and in an automated manner as a given initiator is determined to be trusted, applying the rule-based criteria to the collected information and, in response, generating a filter update command that instructs the email filter to modify a preexisting email filter entry, to thereby improve an email system associated with the client computing machine; wherein the collecting, applying and providing steps are carried out in software executing on a set of one or more computing devices.

2. The method as described in claim 1 wherein the information collected includes one of: the user's web browsing history, a list of IP addresses visited by one or more applications executing in the client computing machine, a list of DNS domains and sub-domains visited, and cookie data.

3. The method as described in claim 1 wherein the one or more rule-based criteria includes one of: time, recency, a user-initiated activity, a frequency of user visits, website categorization information, any prior update to a filter list characterization, and any other information to determine that the initiator of the email message is a trusted site.

4. The method as described in claim 1 further including providing a replica of the collected information to a server to facilitate server-side email filtering.

5. The method as described in claim 1 further including receiving data that defines the one or more rule-based criteria to be applied to the collected information.

6. The method as described in claim 1 wherein the rule-based criteria require that the email message be received from an IP address accessed by the user and within a given threshold time following an activity initiated by the user.

7. A method to manage an email filter associated with a client computing machine, the method comprising: collecting information as a user navigates to and interacts with external websites; applying one or more rule-based criteria to the collected information to determine a characterization to be applied to an initiator of an email message; providing the characterization to the email filter to facilitate an email filter operation with respect to the email message; and providing at least one filter update command to instruct the email filter to automatically transfer at least one entry from a blacklist to a whitelist, the filter update command based on the characterization, to thereby improve an email system associated with the client computing machine; wherein the collecting, applying and providing steps are carried out in software executing on a set of one or more computing devices.

8. The method as described in claim 7 wherein the information collected includes one of: the user's web browsing history, a list of IP addresses visited by one or more applications executing in the client computing machine, a list of DNS domains and sub-domains visited, and cookie data.

9. The method as described in claim 7 wherein the one or more rule-based criteria includes one of: time, recency, a user-initiated activity, a frequency of user visits, website categorization information, any prior update to a filter list characterization, and any other information to determine that the initiator of the email message is a trusted site.

10. The method as described in claim 7 further including providing a replica of the collected information to a server to facilitate server-side email filtering.

11. The method as described in claim 7 further including receiving data that defines the one or more rule-based criteria to be applied to the collected information.

12. The method as described in claim 7 wherein the rule-based criteria require that the email message be received from an IP address accessed by the user and within a given threshold time following an activity initiated by the user.

13. A method to manage an email filter associated with a client computing machine, the method comprising: collecting information as a user navigates to and interacts with external websites; applying one or more rule-based criteria to the collected information to determine a characterization to be applied to an initiator of an email message, the characterization being that the initiator is trusted; providing the characterization to the email filter to facilitate an email filter operation with respect to a subsequent email message received from the initiator; and dynamically and in an automated manner as a given initiator is determined to be trusted, applying the rule-based criteria to the collected information and, in response, generating a filter update command that instructs the email filter to modify a given email filter entry, to thereby improve an email system associated with the client computing machine, wherein the filter update command instructs the email filter to automatically transfer the given email filter entry from a blacklist to a whitelist; wherein the collecting, applying and providing steps are carried out in software executing on a set of one or more computing devices.